Privacy

  1. 1. INTRODUCTION
    Welcome to the KellyDeli’s privacy policy.
    KellyDeli respects your privacy and is committed to protecting your personal data. This
    privacy policy will inform you as to how we look after your personal data when you visit our
    website sushidaily.com (regardless of where you visit it from) and tell you about your privacy
    rights and how the law protects you.

    2. IMPORTANT INFORMATION AND WHO WE ARE
    2.1 PURPOSE OF THIS PRIVACY POLICY
    We take your privacy very seriously. Please read this privacy policy carefully as it contains
    important information on who we are and how and why we collect, store, use and share any
    information relating to you (your personal data) in connection with your use of our website.
    It also explains your rights in relation to your personal data and how to contact us or a
    relevant regulator in the event you have a complaint.
    We collect, use and are responsible for certain personal data about you. When we do so we
    are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject
    to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services
    we offer to individuals in the European Economic Area (EEA).
    This website is not intended for children, and we do not knowingly collect data relating to
    children.
    It is important that you read this privacy policy together with any other privacy policy or fair
    processing policy we may provide on specific occasions when we are collecting or
    processing personal data about you so that you are fully aware of how and why we are using
    your data. This privacy policy supplements other notices and privacy policies and is not
    intended to override them.
    2.2. CONTROLLER
    KellyDeli Group is made up of different legal entities. This privacy policy is issued on behalf
    of the KellyDeli Group so when we mention “KellyDeli”, “we”, “us” or “our” in this privacy
    policy, we are referring to the relevant company in the KellyDeli Group responsible for
    processing your data.
    KellyDeli Company Limited – as identified below – is the controller and responsible for this
    website.

    2.3. HOW TO CONTACT US
    If you have any questions about this privacy policy or our privacy practices, please contact
    us in the following ways:
     Full name of legal entity: KellyDeli Company Limited
     Email address: privacy@kellydeli.com
     Postal address: 91-93 Great Eastern Street London EC2A3HZ London United
    Kingdom
    2.4 CHANGES TO THE PRIVACY POLICY
    We keep our privacy policy under regular review.
    This version was last updated in January 2025.
    2.5 THIRD-PARTY LINKS
    This website may include links to third-party websites, plug-ins and applications. Clicking on
    those links or enabling those connections may allow third parties to collect or share data
    about you. We do not control these third-party websites and are not responsible for their
    privacy statements. When you leave our website, we encourage you to read the privacy
    policy of every website you visit.

    3. THE DATA WE COLLECT ABOUT YOU
    3.1 Personal data, or personal information, means any information about an individual from
    which that person can be identified. It does not include data where the identity has been
    removed (anonymous data).
    3.2 We collect personal information about you when you use our website ("Website") or
    otherwise interact with us via other channels such as social networks.
    3.3. We collect information that you provide to us directly when registering for our Sushi
    Daily Club, communicating with us, making enquiries, completing our partnership application
    form or visiting/using our website. This includes your name, username, password, address,
    date of birth, email address, telephone number, your location, social media profile
    information (where you reach out via social media such as Facebook or Instagram) and
    content of your communications. We also collect transaction information from when you
    make a purchase including your payment credit card information and the products you buy.
    This also includes profile information such as the products you like.

    3.4 Other personal data can be collected indirectly and automatically, for example, your
    browsing or shopping activity. We may also log general information about your browser or
    device whenever you visit our website. This information may include your computer’s
    Internet Protocol (IP) address, your browser type and version, the pages you visit on our
    Website, the time and date of your visit, and the time spent on each page. Like most website
    operators, we collect this data to better understand how our visitors use our services, and
    how we may improve your experience of our website in future. Some of this data may be
    obtained automatically through the use of cookies – please refer to our Cookies Policy
    (https://sushidaily.com/gb-en/cookies-policy/) for more information.
    3.5 In specific instances, we may need to collect additional data for the purposes explained
    to you at that time.
    3.6 We work with third parties (including, for example sub-contractors) who may collect
    personal information from you and pass it on to us. Where this is the case, the relevant third
    party is responsible for notifying the details of the same to you and for obtaining the relevant
    consents from you (if necessary).

    4. HOW IS YOUR INFORMATION USED AND WHAT IS THE LEGAL BASIS FOR THIS
    USE?
    4.1 We process your information for the following purposes:
    4.1.1 To fulfil a contract. This includes:
    - administering our reward club Sushi Daily Club;
    - to process and fulfil any orders, subscriptions or other purchase made;
    - to provide customer service;
    - to process your payments;
    - to verify your identity;
    - to process any entries that you make into competitions run by us;
    4.1.2 To conduct our business and pursue our legitimate interests, in particular:
    - to communicate with you about products, services and offers that may be of interests to
    you;
    - to provide products you have requested and for customer services purposes to respond to
    any comments or complaints you send us;
    - to continuously improve our products and services and personalise your experience online;

    - to notify you about changes to our website.
    - to provide you access to our website and to improve your user experience;
    - to better understand our customers, how often they come to and how long they spent in our
    website.
    - for market research and customer services purposes.
    4.1.3 Where you give us your consent:
    - we send you marketing communications;
    - we place cookies;
    - on other occasions where we ask you for consent, we will use the data for the purpose
    which we explain at that time.
    4.1.5 For purposes which are required by law:
    - responding to court orders, subpoenas or other legal processes with which we are required
    to comply;
    - for crime and fraud prevention, detection and related purposes.
    4.2 In certain circumstances, some of the above grounds for processing will overlap and
    there will be several grounds which justify our use of your personal information.
    4.4 You aren't always required to give us your personal data, but where we need to collect or
    process your personal data by law, or under the terms of a contract we have with you, and
    you fail to provide that data when requested (or fail to consent to the processing of that data,
    if necessary), we may not be able to perform the agreement or arrangement we have or are
    trying to enter into with you, or provide you with certain of our goods and services.

    5. WHO WE SHARE YOUR PERSONAL DATA WITH?
    5.1 Third Party Service Providers working on our behalf
    In order to make certain services available to you, we may pass your information to our third-
    party service providers, suppliers. subcontractors. These include IT, Website hosting,
    marketing service providers and payment processors (for example, to process deliveries and
    send you your order confirmation). We only allow those organisations to handle your
    personal data if we are satisfied they take appropriate measures to protect your personal
    data
    5.2 Third Parties with whom we transact

    If any of our businesses enter into a joint venture with, purchase or are sold to or merge with
    another business entity, your information may be disclosed or transferred to the target
    company, our new business partners, administrators, or owners or their advisors.
    5.3 Sharing to comply with legal obligations
    We may use the information that you provide to us if we are under a duty to disclose or
    share your information in order to comply with any legal obligation.
    5.4. Data Transfers
    In addition to the data sharing described in section 5.1, 5.2 and 5.3, the information that we
    collect from you may, where lawful, be transferred to, and stored at, a destination outside the
    UK or the European Economic Area ("EEA").
    Where we do so, we will sure that transfers:
    - are made to countries that have been deemed to provide an adequate level of protection to
    personal data; or
    - are carried out under standard contractual clauses approved by the European Commission
    as providing appropriate safeguards, copies of which are available to view on the
    Commission’s website (https://ec.europa.eu).
    If you would like further information about data transferred outside the UK/EEA, please
    contact our Data Protection Officer (see ‘HOW TO CONTACT US’ above).

    6. YOUR LEGAL RIGHTS
    Under certain circumstances, you have rights under data protection laws in relation to your
    personal data. You have the right to:
    6.1 Request access to your personal data (commonly known as a “data subject access
    request”). This enables you to receive a copy of the personal data we hold about you and to
    check that we are lawfully processing it.
    6.2 Request correction of the personal data that we hold about you. This enables you to
    have any incomplete or inaccurate data we hold about you corrected, though we may need
    to verify the accuracy of the new data you provide to us.
    6.3 Request erasure of your personal data. This enables you to ask us to delete or remove
    personal data where there is no good reason for us continuing to process it. You also have
    the right to ask us to delete or remove your personal data where you have successfully
    exercised your right to object to processing (see below), where we may have processed your

    information unlawfully or where we are required to erase your personal data to comply with
    local law. Note, however, that we may not always be able to comply with your request of
    erasure for specific legal reasons which will be notified to you, if applicable, at the time of
    your request.
    6.4 Object to processing of your personal data where we are relying on a legitimate interest
    (or those of a third party) and there is something about your particular situation which makes
    you want to object to processing on this ground as you feel it impacts on your fundamental
    rights and freedoms. You also have the right to object where we are processing your
    personal data for direct marketing purposes. In some cases, we may demonstrate that we
    have compelling legitimate grounds to process your information which override your rights
    and freedoms.
    6.5 Request restriction of processing of your personal data. This enables you to ask us to
    suspend the processing of your personal data in the following scenarios:
    6.5.1. If you want us to establish the data’s accuracy.
    6.5.2. Where our use of the data is unlawful but you do not want us to erase it.
    6.5.3 Where you need us to hold the data even if we no longer require it as you need it to
    establish, exercise or defend legal claims.
    6.5.4. You have objected to our use of your data but we need to verify whether we have
    overriding legitimate grounds to use it.
    6.6 Request the transfer of your personal data to you or to a third party. We will provide to
    you, or a third party you have chosen, your personal data in a structured, commonly used,
    machine-readable format. Note that this right only applies to automated information which
    you initially provided consent for us to use or where we used the information to perform a
    contract with you.
    6.7 Withdraw consent at any time where we are relying on consent to process your personal
    data. However, this will not affect the lawfulness of any processing carried out before you
    withdraw your consent. If you withdraw your consent, we may not be able to provide certain
    products or services to you. We will advise you if this is the case at the time you withdraw
    your consent.
    6.8 If you wish to exercise any of the rights set out above, when contacting us please:
    provide enough information to identify yourself (eg your full name, address and customer or
    matter reference number) and any additional identity information we may reasonably request
    from you, and let us know which right(s) you want to exercise and the information to which
    your request relates.

    You may also find it helpful to refer to the guidance from the UK’s Information
    Commissioner (https://ico.org.uk/for-the-public/) on your rights under the UK GDPR.

    7. HOW LONG WILL YOU USE MY PERSONAL DATA FOR?
    7.1 Where we process personal data for marketing purposes or with your consent, we
    process the data until you ask us to stop and for a short period after this (to allow us to
    implement your requests). We also keep a record of the fact that you have asked us not to
    send you direct marketing or to process your data indefinitely so that we can respect your
    request in future.
    7.2 Where we process personal data in connection with performing a contract, subscription
    or for a competition, we keep the data for 2 years from your last interaction with us.

    8 COOKIES
    A cookie is a small text file which is placed onto your device when you use our website.
    You can set your browser to refuse all or some browser cookies, or to alert you when
    websites set or access cookies. If you disable or refuse cookies, please note that some parts
    of this website may become inaccessible or not function properly. For more information
    about the cookies we use (please see https://kellydeli.com/gb-en/cookies-policy).

    9 KEEPING YOUR PERSONAL DATA SECURE
    We have appropriate security measures to prevent personal data from being accidentally
    lost, or used or accessed unlawfully. We limit access to your personal data to those who
    have a genuine need to access it. 
    We also have procedures in place to deal with any suspected data security breach. We will
    notify you and any applicable regulator of a suspected data security breach where we are
    legally required to do so.

    10 FRANCHISEES
    Some of our kiosks and other businesses are run by franchisees. A franchisee is a separate
    business that has a licence to sell produce under one of our brands.

    Each franchisee is responsible for compliance with privacy laws, and we place strict burdens
    on franchisees to ensure that they do so. Occasionally, there may be an exchange of
    personal data with a franchisee where it is necessary: for example, if you have raised a
    query with us about a matter that relates to a franchised kiosk, we would be required to
    discuss that issue with the franchisee, which would involve the use of your personal data for
    this purpose.

     

    Privacy Policy - January 2025